Klikki Oy

March 19, 2015
A stored XSS vulnerability in Google Analytics by Yoast can lead to code execution by unauthenticated users, affecting millions of WordPress sites. Read more »
March 12, 2015
Four vulnerabilties, including a critical SQL injection, in WPML (sitepress-multilingual-cms) WordPress plug-in. Patch available. Updated March 13. Read more »
January 31, 2015
Another 0-day to be released soon: WordPress 3.0 - 4.1.1 core stored XSS, vendor notified on November 7. Same impact as the previous but more restricted attack vector.
January 6, 2015
Klikki's pioneering typing test site TyperA goes viral after stories on Huffington Post, MTV, Cosmopolitan, etc.
December 1, 2014
WordPress proof of concept exploit published. Read more »
November 20, 2014
Critical WordPress security vulnerability discovered by Klikki Oy affects tens of millions of web sites:
Press release »  Technical advisory »  Vulnerability test »
Unpublished zero-days
Interested our unpublished zero-days?  Contact us!

Cyber security

Advisory archive

Customer references

  • Danske Bank
  • Balancion

Game development

Hockey.tk  Socceracy  TyperA